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The pre$ent Amendment is responsive to the Office Action tnailed June 30, 2005. 

In the Office Action, claims 1-25, 71-90 and 94-96 were rejected as being anticipated by 
Kido et al. Reconsideration and withdrawal of these rejections are rcspect&lly requested. 

As the Examiner will note, the claims have been amended to more precisely define the 
claimed embodiments and to take care of a few formal housekeeping matters. No new matter has 
been added. 

Eadi of the pending independent claims is discussed hereunder in turn. 
Independent Claim 1 

Independent claim 1, as amended, recites; 

1. (Currently Amended) A PH certificate architecturs for a network 
connected gaming system, wherein each wftware component within the 
gaming system subject to receive certiOcation Is uniquely associated with « 
Bnlgue identifier and Is signed with a dl s tinet i vc separate and nniaue PKr 
certificate, the seoarate and uninue VKl certificate being oniqacly 
identified by nt least one field bv the unique Identifier. 

Therefore, independent claim 1 requires Aat each software component to receive 
certification is uniquely associated with a unique identifier and that each software consent is 
signed with a separate and unique certificate that is, in turn, uniquely identified by the unique 
identifier. According to claun 1, a separate and unique certificate is created for each software 
component subject to receive certification. This separate and unique certificate, in turn, is 
identified at least by the unique identifier (its part number, for example^ that is associated wiffa (or 
part of, for example) its software con^onent 

In contrast, Kido et al. teach that each execution object 121 has a certificate 210 and an 
electronic signature 221 of its provider (See Col. U, lines 55-65 identified by the Examiner). 
TherefiM:e, Kido et al. teach that each execution object has a certificate and an electronic signatute 
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ofitspFQVidgl (i.e., the entity that provided the ev ecutioo obiect - in Kido et al.»s case, the assignee 
IBM, for example). 

In Kido et al., the certificates are evaluated to determine whether they originate firom the 
"proper provider." See, e.g., the claims of Kido et al.. Col. 12, line 47 to Col. 13, line 10 ("...an 
electronic signature 271 of the provider, which represents data encrypted using the secret key of 
the provider, enables to confirm that the data is not corrupted since it has been created by the 
provider." In Kido et al, therefore, the certificates and the code signing operations rely upon the 
secret key of the provider, and are ao| specific to any software component Kido et al. are 
concerned about the proper provenance of the data or execution objects (i.e., where did the data or 
execution objects originate firom), whereas the claim 1 calls for each software component to 
receive regulatoiy certification have a "separate and unique certificate" that is "uniquely identified 
at least by a unique identifier that is uniquely associated with the software component (i.e., there is 
a one-to-one correspondence between the unique identifier and the software component). 
According to claim 1, therefore, each software component receives a separate and unique 
certificate that is uniquely identified by a unique identifier that is uniquely associated with the 
software component. Kido et al. do not teach this. Indeed, there is no teaching in Kido et al. of each 
software component having its own separate and unique certificate, and much less a PKI certificate 
architecuire in which each software component has its own separate and unique certificate that is 
uniquely identified (at least) by a unique identifier that is uniquely associated with the software 
congwnent. Each certificate, according to the claimed inventions, therefore, is separate and unique, 
with flie exception of the embodiment that includes companion files (discussed hereunder relative 
to independent claim 94). In Kido et al., the certificates appear to be unique only to the provider of 
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the execution objects, and not to the executable objects themselves, as required by claim 1 and its 
dependent claims. 

In Kido et al., fliere is no link, correspondence or unique association between a unique 
identifier of their execution objects and the certificates. In Kido et al., the certificates are created 
with the secret key of the provider of the execution objects, whereas, the claimed embodiments 
call for a separate and unique certificate to be created for each software component, and this 
separate and unique certificate is uniquely identified by a unique identifier (the part number 
thereof, for example) that is uniquely associated with software component. Claim 1, as amended, 
makes this distinction clear and unambiguous. Unique identifiers, according to fimher 
embodiments of the present invention, may include any one or a combination of a software 
componMit part number, major version number, a software component minor version numberj a 
software component build number; a software component revision number; a software 
component project name; a software component type of software component; a software 
component language variant; a software component game regulation variant; a software 
component friendly name; an identification of the certification laboratory, and/or an 
identification of the client, as called for by claim 7. 

For the Examiner's convenience. Applicants' representative has rq>roduced the entire text 
of Kido et al. in the APPENDIX attached hereto, highlighting aU instances of the term "provider" 
to emphasize the point that all certificates in Kido et al. are encrypted with the secret key of the 
provider, and are not uniquely identified by a unique identifier that is uniquely associated with the 
software component, as claimed and required by claim 1. 

Independent Claim 17 

Independent claim 17, as amended, recites: 
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17. (Currently Amended) A method for a network connected gaming 
system to prevent unauthorized software components of constituent 
computers of the gaming wcf att^ from executing, comprising the steps of: 
producing a separate and unique PKI certificate for each software 
component subject to receiving certification ^ each software component 
subject to rccetviny certification i ncluding a unique identifier! 
code signing each software component subject to receiving certification 
with its respective separate and uninne PKI certificate, each respective Piq 
certificate being »Mi<melv Identifi ed bv a unique identifier that is uniquely 
associated with the sofhya|-e component. awiH 

configuring S oft^rftyt^ Restriction Policy Mftware restriction nolicv 
certificate rules to allow execution of n . s elected set of each s oftwaro 
component aubjcei to r p rciving certlfiouti u n onlv those softwara 
compm^eiyts whpse code signed PKT c crtiflcate is determined tn h P 
authorized. 

M the Examiner will note, independent claim 17 calls for producing a separate and unique 
PKI certificate for each software component (Kido et al. do not do this - their certificate attests to 
the '^proper provider" and is not unique to any one software component). Moreover, each 
certificatfi, as claimed, is uniquely identified by a unique identifier that is uniquely associated with 
the software component Again, the certificates of Kido et al. even if separate for each execution 
object, is not unique to each execution object - instead, it refers to the common provider thereof, 
which is hardly unique. 

The discussion above relative to claim 1 is equally applicable to independent claim 17 and 
is incorporated herein by reference, as if repeated here in full. 

Independent clftim s 20 and 22 

Independent claim 20, as amended, recites: 

20. (Currently Amended) A method for a network connected gaming 
system to enable only authorized software components of constituent 
computers of the camlnf yvsti^w^ to execute, comprising the steps of; 
configuring a separate Sof hvnrc Restriction Policy software restriction 
policy for each authorized software component, and 

enforcing the So ftivare Restriction Policy software restriction nolicv for 
each authorized soft ware component. 
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It is respectfully submitted that the passages identified by the Examiner as teaching the 
claimed steps (Col. 1 1, line 55 to Col. 12, line 12 and Col. 12, line 46 to Col 13, line 10) do not 
teach any software restriction policy. Moreover, these passages do not teach that a senaiate 
software restriction policy is configured and enforced for ea^ authorized softwans component, as 
claimed herein. Again. Kido et al. in Col 12, lines 51-59 state that the execution objects are 
provided wilJx the electronic signahire of the provider, to insure that the file has not been corrupted 
Since its creation by the provider. Independent claim 22 also includes a similar limitation drawn to 
a separate and uniqiig software restriction policy for each authorized software component, which 
finds no counterpart in the Kido et al. reference. 

Independent Claim Id 

As amended, claim 24 recites: 

24. (Currently Amended) A method for a network connected BAming 
system to enable only authorized software coinponeMta of conirtttiif ^ nt 
fiomPMters of the gaming r^t^rn to execute, comprising (be steps of: 
producing a separate and unique P KT certificate for each soHware 
component subject to receive certlflcation . each respective PKI certinMte 
Mfh?wc Smnnnm v " " ' "iauelv aMnri.ted with fht> 

signing each software component subject to receive certification with tte-tts 
respective separate and unique PKI certificate; 

configuring a certificate Software Re s triction PoHiy software rcstricrinn 
Efilio: for each of the respective separate and nnioue PKI certincates, and 
enforcing the certificate S oftware Ro g tricOon Policy software restriction 
fioUex for each of the respective separate and unlqijig PKI certificates. 

Independent claim 24, therefore, includes recitations drawn to a separate and unique PKI 
certificate for each software component subject to regulatory certification, as weU as recitations 
drawn to a separate and unique software restriction poUcy for each software component Therefore, 
claim 24 is allowable for all of the reasons developed above, as Kido et al. do not teach a separate 
and unique certificate for each software component, nor do Kido et al. teach the creation ot 
enforcement of a separate software restriction policy for each software coKoponent. 
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Independent claim 25 



As amended, independent claim 25 recites; 

25. (Currently Amended) A method for downloading authorized software 
cQmpoiients and allowing execution of downloaded a uthnrizfid software 
components lw of constituent computers of a network connected gaming 
system, comprising the steps of: 

code signing each authomed software component with a distinctive 
Separate PKI certtflcate that is uniqu e to the anthorizfed software 
component ; 

packaging the code sig ned authorized software components Into an 
installation package; 

configuring install policies to install each code signed authorized software 
component gpntalned in the Installation nackagei 

conOguring certificate rule policies to allow execution of the Installed code 
signed authorized software component; 

configuring enforcement of the policies. 

As developed above, Kido et al. teach to associate a certificate to the execution object that 
is unique to the provider of the execution object, and not a certificate that is unique to the execution 
object itself. In contrast, as claimed herein, the authorized software component is code signed with 
a separate PKI certificate that is unique to the authorized software component, which is clearly not 
taught by the Kido et al. reference, as examination of the text thereof in the Appendix reveals. 

Independent claims 71 and 73 



As amended herewith, claim 7 1 recites: 

71. (Currently Amended) A method for a network connected gaming 
system to prevent unauthorized executable files of constituent computers of 
the gaming system from executing, comprising the steps of: 

packaging the authorized executable files Into a code signed MSI 
installation package; 

configuring certificate rule policies to enable execution of the code signed 
MSi installation package; 

enforcing the policies, and 

executing the code signed MS InstaUation package upon every computo f 
startup of any of the constituent comuatcrs of the gaming sy stcn^ or upon a 
command, wherein execu tion of anv authorized executable file is predicated 
upon ^uccey^fullv executing the code signed Installation packaige Into which 
the authorized eit^cutflble file is packaged . 
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Claim 71 calls for packaging authorized executable files into a code signed installation 
package, configuring and enforcing certificate rule policies and executing the code signed 
installation package upon every startup of any of the gaming machines of the gaining system. At 
the outset, there is no teaching of any execution of any installation package upon every startup of 
gaming (or any other) machines. This shortcoming alone wanants withdrawal of the anticipation 
rejection. Moreover, claim 71 requires that execution of any authorized executable file is 
predicated upon successfully executing the code signed package into which the authorized 
executable file is packaged. Independent claim 73 contams similar recitations. None of the 
passages pointed out by the Office even hint at such steps or fimctionality, nor does the remainder 
of this reference. Note that none of Kido et ai/s Figs 6-8 nor the corresponding written description 
thereof teach such steps or fimctionality. 

Independent claims 75 and 77 

As amended, claim 75 recites a method to prevent code of unauthorized non-executable 

files jfrom affecting the game outcome, and includes steps of: 
75. (Currently Amended) ... 

packaging the noi%-executable fUes into a code signed MSH iDStallatlon 
package; 

conflguring certificate rule policies to enable execution of the code signed 
MSI installation package; 

configuring enforcement of the policies, and 

executing the code signed MSI installation package upon every ooqipute y 
startup of any of the constituent comoutcrs of the gaming system or upon a 
command. 

In this claimed embodiment, the non-executable files are packaged into a code signed 
installation package, certificate rules are configured and enforced, and the code signed installation 
package is executed upon every startup of any of the computers (e.g., gaming machines, gaming 
terminals, gaming servers, payment terminalSj etc.) of the gaming system or upon command. Kido 
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et al include no teachings of packaging non-executable files into an installation package, nor does 
Kido et al. teach of executing an installation package upon every startup of any computer or upon 
command, as claimed. Claim 77 contains similar limitations, in that the installation package is re- 
installed upon every startup of any computer, a topic about which Kido et al. is also wholly silent 

Independent claim 79: 

79. (Currently Amended) A method for scheduling at least one authorized 
executable spfhvare component installed in a network connected gaming 
system, the gaming svatem including a nhiratttv of gaming machines, the 
method comprising the steps of: 

packaging at least one authorized non-executable file that control the 
scheduling of the at least one authorized executable software component 
into at least one code signed MSJ installation package , each of the at least 
one code signed installation packages including a predetermined PKI 
certificate ; 

configuring certificate rule policies to enable execution of the at least one 
code signed MSI installation package in a S Gloctod sot of gaming terminals 
selected ones of the plurality of gaming machines ; and 

configuring enforcement of the certiiicate rule policies; and 

downloading the at leajtt one code signed MSI Installation package into b 
s elected s ot o f - gaming Cerminal fl the selected ones of the nluralitv of gamine 
machines: 

executing the at least one code signed MM installation pn^ikogc s nackag^. 
At the outset, Kido et al. do not teach my method for scheduling anything (the words 
schedule, scheduling and the like do not even appear in the patent). Neither Fig. 3 of BCido et al. nor 
the passages of the written portion thereof referred to in the outstanding Office Action teach any 
method or means for scheduling authorized ejtecutable software components or anything else. 
Moreover, Kido et al. do not teach that each of the installation packages (Kido et al. do not teach 
any installation packages, or otherwise) includes a predetermined PKI certificate. 

Independent claim 82 

As amended, claim 82 recites: 
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$2. (Currently Amended) An automated platform to enable ^ aji on-going 
regulatory certification of a sub s tantial - um ft^ plurality of authorized 
software components of a network cotinected gaming system inc luflin? a 
nluralitv of computers, the method comprising: 

a reference platform representatiye of a target network connected gaming 
system and comprising a software-building environment located at a 
manufacturer or subcontractor of the software components the 
fu nnafaotttrcr^ s premises or do s ignntod s nbcontractors ; 
a certiHcation platform located at a regulatory certification authorit y* the 
ccrtiflcation platform being substantially identical to the reference 
platform, and 

code-signing means for enabling the manufacturer or subcontractor to 
associate a a ss ociating q di s tinctive separate and nniaue PKI certificate 
with each authorized software component subject to rcyulatory 
certification^ 

The passages identified in the Office Action as teaching the subject matter of claim 82 do 
not, in fact, do so. For example, Col. 11, lines 20-35 is merely a listing of the different operating 
systems with which the Kido et aL system is compatible. Col. 11, lines 40-45 discusses, among 
otfier items, the object server 150. The object server is described in Kido et al. beginning at Col. 
12, line 64 as follows: 

The object seryer 150, which is managed by the associated provider, Is 
responsiye to a request from the stub object 110 for notifying term's 
yaUdity (guaranteed term of availability) of each version of execution 
objects. Also, the object server 150 contains the newest execution objects, 
thereby allowing the stub object 110 to access the same. Referring to FIG. 5, 
the object server 150 has an execution object management table 300, which 
contains execution objects' IdentiOers 301, term's validity Inforxnatlon 303 
of respectiye versions of the execution objects and pointers 305 to the 
execution objects. 

The object server, therefore, acts as a repository for execution objects and is further tasked 
with verifying the validity of execution objects. Also, the Examiner's kind attention is drawn to 
Col. 13, beginning at line 22 under the heading "C. Checking/Referencitig of Execution Object/' 
Neither the object server nor the remote systems 141, 145 (see Fig. 3 of Kido et al.) meet the claim 
recitations of claim 82 relative to the claimed reference and certification platforms. Moreover, 
Kido et al.*s execution object server and remote systems do not teach any reference platform 
having code-signing means fbr enabling the manufacturer or subcontractor to associate a 
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associating a distinctive separate and unique PKI certificate with each authorized software 
component subject to regulatory certification» as also claimed in independent claim 82, for the 
reasons outlined above relative to other independent claims. Kindly note that the Certification 
Authority (CA) 170 in Kido et al. is only the authority that issues the certificates and is not 
described by Kido et al. as having any of the functionality of the claimed reference or certification 
platforms. 

Independent claim 94 

Lastly, independent claim 94, as amended, recites: 

94. (Currently Amended) A method for a gaming tcmino) machine in a 
network connected gaming system to generate a WftI menu of antliorfzed 
games available to player s, the method c omprising the steps of; 

generating a separate and unique code signed PKI certificate for a 
predetermined software module of each auth orized game; 

generating an executable companion file for each authorized game, wherein 
the executable companion file Is configured to execute faster than the 
authorized game B ub s tantialiv quicker to eyecB te^ than Htnrting QTrPOiifInn of 
the gome nnd^ wherein the cod& -s igncd PKI certificate n$ » Qc | at e d to the 
companion file io identical to the code s^ncd FKI B ortlflcatc as s ociated to 
the gnmc main module ; 

code signing both the predetermined software module and its executable 
companion file with the generated PKI certificate: 

enforcing Sofhvnrc Restriction Folicy software restriction policy rules for 
preventing non-authorized software components from executing; 
enforcing S oft^^^orc ■Res triction Policy software restriction policy rules for 
enabling execution of a s elected s et selected ones of the authorized gomes; 
attempting to execute each executable.companion file, and 
adding only those games to ft the menu Itst of authorized games whose 
executable companion file hAs not been denied execution bv the software 
restricHon ddMcv rules. 

None of the passages referenced by the Examner teach any menus or methods for 
generating menus, as required by the claim. In fact, there are no menus disclosed in Kido et al., and 
there are no methods of generating menus of authorized games available to players in this 
reference. Moreover, none of the passages referenced by the Examiner or the remainder of Kido et 
al. even remotely teach the use of a "companion file" that executes faster than its associated game 

Page 33 of 53 

Sesrial No. 10/789,975 
Atty. Docket No. CYBS5858 

PAGE 33f54'RCVDAT12/22/200S 5:32:25 PM [Eastern Stw^^^ 



12/22/2005 15:29 



6508517232 



YOUNG LAW FIRM PC 



PAGE 



REMARKS 



to detemiine whether a game should he added to a menu of available games. The concept and 
implementation of companion files is only described in the present application. Indeed, the 
embodiments of the present inventions that use a companion file are disclosed. in the specification 
beguming at paragraph [122]. Kido et al. simply teach nothing of the sort. 

In view of the present Amendment and the foregoing remarks it is believed that the 
rejections of the claims under 35 U.S.C. § 102(e) should be reconsidered and withdrawn. The same 
is, therefore, respectfully requested. 

Applicants' attomey believes that the present application is now in condition for an early 
allowance and passage to issue. If any unresolved issues remain, the Examiner is respectfully 
invited to contact the undersigned attomey of record at the telephone number indicated below, and 
whatever is required will be done at once. 
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